Upgrade to Pro — share decks privately, control downloads, hide ads and more …

我々はいかにして安全な
名前解決を手に入れるか / How do we get secure name resolution

A9f743358e6fcb5742e35156508ee4b7?s=47 Kazunori Jo
August 18, 2018
Technology
0
73

我々はいかにして安全な
名前解決を手に入れるか / How do we get secure name resolution

Kyoto.なんか #4

A9f743358e6fcb5742e35156508ee4b7?s=128

Kazunori Jo

August 18, 2018
Tweet

More Decks by Kazunori Jo

See All by Kazunori Jo
A9f743358e6fcb5742e35156508ee4b7?s=48 itochan
0
250
A9f743358e6fcb5742e35156508ee4b7?s=48 itochan
0
86
A9f743358e6fcb5742e35156508ee4b7?s=48 itochan
0
58
A9f743358e6fcb5742e35156508ee4b7?s=48 itochan
0
140
A9f743358e6fcb5742e35156508ee4b7?s=48 itochan
1
720
A9f743358e6fcb5742e35156508ee4b7?s=48 itochan
0
280
A9f743358e6fcb5742e35156508ee4b7?s=48 itochan
0
600
A9f743358e6fcb5742e35156508ee4b7?s=48 itochan
0
1.3k
A9f743358e6fcb5742e35156508ee4b7?s=48 itochan
1
2k

Other Decks in Technology

See All in Technology
D2f212ce418f3daa29c23914c9b6892b?s=48 kenmaz
2
320
942bb606679caf4c57b38927f83178e1?s=48 qsona
4
1.4k
15c2fcbb0358a6c4910fb043e2b1f71e?s=48 yuitosato
0
110
46839cf590a549efe13547c17a6b2fde?s=48 isaoshimizu
2
240
De96bf5df1407e8c7b22a970c265c809?s=48 kazushieguchi
0
1.2k
F73cb07af91c5fe5e1e5abf0f05019bf?s=48 takanorig
0
250
6249f569a29ccb5fd9c1b1b3e572ee89?s=48 omuomugin
1
380
53850955f15249a1a9dc49df6113e400?s=48 line_developers
PRO
4
290
8db1f2958e24accef8412659656fc8dc?s=48 natmark
4
720
842515eaf8fbb2dfcc75197e7797dc15?s=48 sat
2
290
Cfe33d3ab95f1c4902ee70b54af9e2a5?s=48 tokyoyoshida
0
210
A35557d139d8d53246763a01ec847a3f?s=48 kichiemon
2
230

Featured

See All Featured
3d4519fd34b76fb265fc0237f3792bd4?s=48 danielanewman
6
740
1b8ad785acdd1ce1c99914b1c2a4e10e?s=48 sugarenia
235
950k
9375a9529679f1b42b567a640d775e7d?s=48 schacon
152
6.8k
282d599b414022eba5096510f675b6e2?s=48 chrislema
174
14k
766b9746b59e6f09e280cd33cf4ed419?s=48 skipperchong
13
980
7edec06b5435e0dac07a353b2cc26253?s=48 geeforr
335
29k
462dad0dd24c568a32dcdb0ae895ae1b?s=48 rasmusluckow
318
19k
A0517b08532aec8ab2aae3f65d40ad86?s=48 hannesfritz
32
1.1k
3ab1249be442027903e1180025340b3f?s=48 reverentgeek
34
2.4k
5f83ef806155b403c3393160ce51f955?s=48 jlugia
218
16k
Ded01cdab114abe4ec13511e4c25b9bb?s=48 andyhume
67
4.4k
170b760e0147792d0140e59ec78e9893?s=48 eitanlees
119
11k

Transcript

  1. զʑ͸͍͔ʹͯ҆͠શͳ
 ໊લղܾΛखʹೖΕΔ͔ itochan Kyoto.* #4

  2. ͩΕ •౦ژͷେֶੜ •͸ͯͳΠϯλʔϯ 2016 ߦͬͯ·ͤΜ JUPDIBO !JDIBO

  3. എܠ • ੈؒͰ͸HTTPSԽͷѹ͕ߴ·͍ͬͯΔ • ໊͔͠͠લղܾ͸ฏจ • DNSͷ௨৴ܦ࿏Λ҉߸Խ͍ͨ͠ʂʂʂ • ҆શҙࣝͷߴ·Γ

  4. ͦ͜Ͱɺ

  5. DNS over HTTPS (DoH) • HTTPSܦ༝Ͱ໊લղܾ͕Ͱ͖Δ • IETF Draftʹͳ͍ͬͯͯඪ४Խ։࢝ •

    ࣮͸DNS over TLSͱ͍͏ͷ΋͋Δ • RFCͰඪ४Խ͞Ε͍ͯΔ (RFC 7858)

  6. ✔ ྑ͍ͱ͜Ζ • ໊લղܾ΋ؚΊ௨৴Λ׬શʹ҉߸Խ͢Δ͜ͱ͕Մೳʂ • େֶͷճઢͰ΋҆৺͍ͯ͠ΖΜͳαΠτΛӾཡͰ͖Δ

  7. ✘ ѱ͍ͱ͜Ζ • ໊લղܾʹएׯΦʔόʔϔου͕͋ΔʢͱݴΘΕ͍ͯΔʣ • TLS1.3Ͱղܾ͢Δ͔ʁ • ѱ͞Λ͍ͯ͠ΔͱࢥΘΕΔ

  8. DNS over HTTPS ࢖͏ʹ͸ • ࢖͑ͦ͏ͳͱ͜Ζ͸2ͭ • Google Public DNS:

    8.8.8.8, 8.8.4.4 • Cloudflare DNS: 1.1.1.1, 1.0.0.1

  9. DNS over HTTPS ࢖͏ʹ͸ • ࣍ͷFirefoxͰ͸CloudflareʹΑΔ
 DoHͷ໰͍߹ΘͤΛαϙʔτ͢ΔΒ͍͠ • Android PͰ͸OSͰαϙʔτ͢ΔΒ͍͠

    • ϩʔΧϧʹΫϥΠΞϯτΛཱͯlocalhost:53 ʹ໰͍߹Θͤ

  10. DNS over HTTPS ࢖͏ʹ͸ • ࣍ͷFirefoxͰ͸CloudflareʹΑΔ
 DoHͷ໰͍߹ΘͤΛαϙʔτ͢ΔΒ͍͠ • Android PͰ͸OSͰαϙʔτ͢ΔΒ͍͠

    • ϩʔΧϧʹΫϥΠΞϯτΛཱͯlocalhost:53 ʹ໰͍߹Θͤ ˣ͜Ε࠷ߴ

  11. DNS over HTTPS ΫϥΠΞϯτ • Ͳ͔ͬͪೖΕΔ • stubby • cloudflared

    ←؆୯

  12. ΍͍͖ͬͯ·͠ΐ͏

  13. ͜Μͳײ͡

  14. IUUQTUSBOTQBSFODZSFQPSUHPPHMFDPNIUUQTPWFSWJFX